<?php
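// Security guard: abort unless the including script defined _SetYour_, so this
// module cannot be requested directly.
if(!defined('_SetYour_')) die('Error');
// Requested action. It is only compared against fixed strings below
// ('editar', 'agregar', 'eliminar'); anything else falls through to the user list.
// A missing or non-string parameter (e.g. accion[]=x) becomes the empty string
// instead of raising an undefined-index notice.
$accion=(isset($_GET['accion']) && is_string($_GET['accion']))?$_GET['accion']:'';
// Target user id, forced to an integer because it is concatenated into SQL below.
// An array value would cast to 1, so only scalars are accepted; anything else is 0,
// which the !empty($id) checks below treat as "no id".
$id=(isset($_GET['id']) && is_scalar($_GET['id']))?(int)$_GET['id']:0;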
?>
<script type="text/javascript">
<!--
// Username-availability flag shared by registrar() and checar(). It is set to false
// by the onchange handler of the "usuario" input in the create form and set back to
// true by checar() once the hidden #usuario element contains 'OK'.
// This is a browser-side convenience only; it does not protect the server.
var usrcheck=true;
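function registrar(){
	// Click handler of the "create user" button.
	// - Empty username: warn and stop.
	// - Username changed since the last check (usrcheck is false): ask the server
	//   whether it is free, then run checar() three seconds later.
	// - Otherwise: validate and submit straight away via checar().
	var form=document.agregar;
	if(!form.usuario.value){
		alert("Llene todos lo campos");
	}else if(!usrcheck){
		// The username is user-typed text placed in a query string, so it is
		// percent-encoded; otherwise characters such as '&', '#', '+' or spaces
		// would alter the request that the availability check receives.
		// mostrar() is defined elsewhere - presumably it loads the response into
		// the element with id 'usuario'; confirm it requests the URL as given.
		mostrar('modulos/usuarios/procesador.php?usrcheck&usuario='+encodeURIComponent(form.usuario.value),'usuario');
		// Pass the function itself rather than a string of code to evaluate.
		// NOTE(review): the fixed 3 s delay is a guess at when the lookup finishes;
		// a slow response leaves checar() reading a stale result.
		setTimeout(checar, 3000);
	}else{
		checar();
	}
}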
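function checar(){
	// Final browser-side validation for the add/edit user form; submits the form
	// when every check passes.
	// These checks run only in the browser and can be skipped by posting to the
	// page directly, so the server-side handlers must not rely on them.
	var form=document.agregar;
	var obj=document.getElementById('usuario');
	if(obj.innerHTML=='OK' || usrcheck==true){
		usrcheck=true;
	}else{
		alert("<?=$_P['inuse']?>");
		// Stop here: previously the function went on to validate the password
		// and could submit the form with a username already reported as in use.
		return;
	}

	// Password must be at least 6 characters long.
	if(form.clave1.value.length<6){
		alert("<?=$_P['passhort']?>");
		return;
	}
	// Password and confirmation must match.
	// NOTE(review): judging by the key names, 'fillall' and 'noconfirm' look
	// swapped between this check and the next one - confirm against the language file.
	if(form.clave1.value!=form.clave2.value){
		alert("<?=$_P['fillall']?>");
		return;
	}
	// Username, name and e-mail are required.
	if(form.usuario.value && form.nombre.value && form.email.value){
		form.submit();
	}else{
		alert("<?=$_P['noconfirm']?>");
	}
	// NOTE(review): the $_P strings are written into JavaScript string literals
	// without escaping; a translation containing a double quote or a line break
	// would break this script - verify the language file.
}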
//->
</script>
<?php
if($accion=='editar' && !empty($id)){
	if($_POST['nombre']&&$_POST['apeido']&&$_POST['clave1']){
		// Apply the edit to the user row, then print the result message and the
		// "return" link.
		// XSRF() and clean() are defined elsewhere. NOTE(review): presumably XSRF()
		// validates the request origin and clean() escapes for SQL - confirm both,
		// because every POST field below is concatenated into the statement and the
		// statement is only as safe as clean() makes it. A parameterised query would
		// remove that dependency.
		// NOTE(review): the enclosing condition requires clave1, but the value stored
		// is clave2. Nothing on the server compares clave1 with clave2 or enforces the
		// minimum length; those checks exist only in the browser-side checar().
		// NOTE(review): the password is stored as an unsalted SHA-1 digest, which is
		// fast to brute-force; password_hash()/password_verify() is the usual
		// replacement, but the login code (not visible here) would have to change too.
		// email, sexo, imagen, cargo and clave2 are read without an isset() check.
		if(XSRF("admin-wmb.php")){
			// '******' is the placeholder the edit form pre-fills in both password
			// inputs; when clave2 still equals it, the clave column is left untouched.
			if($Usuarios=$SQL->consulta(
			"UPDATE wmb_usuarios 
			SET nombre = '".clean($_POST['nombre'])."',
			".(($_POST['clave2']!='******')?"clave = '".sha1($_POST['clave2'])."',":"")."
				apeido = '".clean($_POST['apeido'])."', 
				email = '".clean($_POST['email'])."',
				sexo = '".clean($_POST['sexo'])."',
				imagen = '".clean($_POST['imagen'])."',
				cargo = '".clean($_POST['cargo'])."'
			WHERE id =".$id." LIMIT 1;")){
			// consulta() returned a truthy value: report success.
			echo "<label class='titulo'>$_P[ucorrect2]<br /></label>";
			}else{
			// consulta() returned a falsy value: report the generic error.
			echo "<label class='titulo'>$_P[uerror]<br /></label>";
			}
			?><div  class="marco_est" style="border:dashed 1px #000;" >
              <img src="imagenes/regresar.jpg" />
			  <a href="admin-wmb.php?modulo=usuarios" class="link-n"><?=$_P['return']?></a>
			  <?
		}
	}else{
// Load the user being edited together with its rank row (RIGHT JOIN keeps the
// user even when no rank matches), and the full rank list for the <select>.
// $id was cast to int at the top of the file, so only an integer reaches the SQL.
// NOTE(review): the result is not checked; if no row matches, the form below
// reads properties of a non-object - confirm what fila() returns in that case.
// NOTE(review): the form below echoes these columns into HTML attribute values
// and inline styles without htmlspecialchars(); unless clean() already
// HTML-encodes on write, stored values can inject markup (stored XSS).
// NOTE(review): SELECT * over both tables yields two "id" columns; which one
// ends up in $Usuario->id depends on the fetch helper.
$Usuario=$SQL->fila(
"SELECT *
FROM wmb_rangos
RIGHT JOIN wmb_usuarios ON wmb_usuarios.cargo = wmb_rangos.id
WHERE  wmb_usuarios.id=".$id." LIMIT 1");
$Rangos = $SQL->consulta("SELECT id,label FROM wmb_rangos");
?>
<label class='titulo'><?=$_P['edit']." ".$_P['user']?><br /></label>
<div  class="marco_est" style="border:dashed 1px #000;" >
<img src="imagenes/regresar.jpg" />
<a href="admin-wmb.php?modulo=usuarios" class="link-n"><?=$_P['return']?></a>
<table width="260" border="0" cellpadding="0" cellspacing="0" class="tabla" style="background:#CCC;text-align:center; margin-left:75px;">
<div id="usuario" style="display:none"></div>
<form method="post" action="" name="agregar">
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['user']?> :</th>
    <td>
    <input name="usuario" type="text" value="<?=$Usuario->usuario?>" disabled="disabled" />
    </td>
 </tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['name']?> :</th>
    <td>
    <input name="nombre" type="text" maxlength="20" value="<?=$Usuario->nombre?>" autocomplete="off" />
    </td>
 </tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['lastname']?> :</th>
    <td>
    <input name="apeido" type="text" maxlength="20" value="<?=$Usuario->apeido?>" autocomplete="off" />
    </td>
 </tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['password']?> :</th>
    <td>
    <input name="clave1" type="password" value="******"/>
    </td>
 </tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['confirm']?> :</th>
    <td>
    <input name="clave2" type="password" value="******" />
    </td>
 </tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['email']?> :</th>
    <td>
    <input name="email" type="text" maxlength="50" value="<?=$Usuario->email?>" autocomplete="off" />
    </td>
 </tr>
<tr>
    <th  height="28" colspan="2" style="text-align:center;font-size:12pt; background:#<?=$Usuario->fondo?>;color:#<?=$Usuario->color?>"><?=$Usuario->label?></th>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['rank']?> :</th>
    <td>
<select name="cargo">
<option value='0'>Sin cargo</option>
<?php
if(!empty($Rangos)){
	// $i is the 1-based position of each rank option inside the <select>;
	// position 0 is the fixed "Sin cargo" option printed just before this loop.
	// NOTE(review): id and label are printed without HTML escaping - confirm they
	// are trusted or already encoded.
	$i=0;
	foreach($Rangos as $rango){
		$i+=1;
		echo "<option value='{$rango->id}'>{$rango->label}</option>";
		// Remember the position of the user's current rank so it can be preselected.
		if($rango->id==$Usuario->cargo){
			$rangoa=$i;
		}
	}
}
?>
</select>
    </td>
 </tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['sex']?> :</th>
    <td>
    <select name="sexo">
		<option value='H' selected="selected"><?=$_P['man']?></option>
        <option value='M'><?=$_P['woman']?></option>
	</select>
    </td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['img']?> :</th>
    <td>
    <input name="imagen" type="text" maxlength="1000" value="<?=$Usuario->imagen?>" autocomplete="off" />
    </td>
 </tr>
<tr>
    <td colspan="2">
    <input type="button" onclick="checar();" value="Guardar" />
    </td>
 </tr>
 
</form>
</table>
<?
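// Preselect the user's current rank and sex in the edit form.
// The script used to be emitted only when a matching rank was found, so a user
// without a rank always showed the default sex and saving the form overwrote the
// stored value. It is now emitted every time; without a matching rank the rank
// select stays on index 0, the "Sin cargo" option.
// Only integers computed here are written into the script, so the stored sexo
// value is no longer echoed into a JavaScript string literal.
$rangoa_idx=isset($rangoa)?(int)$rangoa:0;
$sexo_idx=($Usuario->sexo=="H")?0:1;
?>
<script language="javascript" type="text/javascript">
	var sex = <?=$sexo_idx?>;
	document.agregar.cargo.selectedIndex = <?=$rangoa_idx?>;
	document.agregar.sexo.selectedIndex = sex;
</script>
<?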
	}
}else if($accion=='agregar'){
	if($_POST['usuario']&&$_POST['nombre']&&$_POST['clave1']){
		// Create the user row, then print the result message.
		// XSRF() and clean() are defined elsewhere. NOTE(review): presumably XSRF()
		// validates the request origin and clean() escapes for SQL - confirm both,
		// because every POST field below is concatenated into the statement.
		// NOTE(review): the INSERT has no column list, so the values depend on the
		// physical column order of wmb_usuarios (here: NULL id, usuario, password
		// hash, nombre, apeido, sexo, imagen, email, rango); naming the columns would
		// make it robust to schema changes.
		// NOTE(review): the enclosing condition requires clave1, but the hash is taken
		// from clave2; the match and minimum-length checks, and the username
		// availability check, run only in the browser. Confirm the table has a unique
		// index on the username.
		// NOTE(review): unsalted SHA-1 is fast to brute-force; password_hash() is the
		// usual replacement, together with a matching change in the login code.
		if(XSRF("admin-wmb.php")){
			if($Usuarios=$SQL->consulta(
			"INSERT INTO wmb_usuarios 
			 VALUES (NULL , '".clean($_POST['usuario'])."',
			  '".sha1($_POST['clave2'])."',
			  '".clean($_POST['nombre'])."',
			  '".clean($_POST['apeido'])."',
			  '".clean($_POST['sexo'])."',
			  '".clean($_POST['imagen'])."',
			  '".clean($_POST['email'])."',
			  '".clean($_POST['rango'])."');
			 ")){
				?>
                
                <?
			// consulta() returned a truthy value: report success.
			echo "<label class='titulo'>$_P[ucorrect]<br /></label>";
			}else{
			// consulta() returned a falsy value: report the generic error.
			echo "<label class='titulo'>$_P[uerror]<br /></label>";
			}
			?><div  class="marco_est" style="border:dashed 1px #000;" >
              <img src="imagenes/regresar.jpg" /><?
		}
	}else{
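	// Build the <option> list of ranks for the create form.
	// $rankslist is initialised first: appending to an undefined variable raises a
	// notice and would pick up any value left in a global of the same name.
	// NOTE(review): id and label are inserted without HTML escaping - confirm they
	// are trusted or already encoded.
	$rankslist='';
	$Rangos=$SQL->consulta("SELECT id,label FROM wmb_rangos");
	if(!empty($Rangos)){
		foreach($Rangos as $rango){
			$rankslist.="<option value='".$rango->id."'>".$rango->label."</option>";
		}
	}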
?>
<label class='titulo'><?=$_P['new']." ".$_P['user']?><br /></label>
<div  class="marco_est" style="border:dashed 1px #000;" >
<img src="imagenes/regresar.jpg" />
<a href="admin-wmb.php?modulo=usuarios" class="link-n"><?=$_P['return']?></a>
<table width="260" border="0" cellpadding="0" cellspacing="0" class="tabla" style="background:#CCC;text-align:center; margin-left:75px;">
<div id="usuario" style="display:none"></div>
<form method="post" action="" name="agregar">
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['user']?> :</th>
    <td><input name="usuario" type="text" maxlength="10" autocomplete="off" onchange="usrcheck=false;"/></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['name']?> :</th>
    <td><input name="nombre" type="text" maxlength="20" autocomplete="off"/></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['lastname']?> :</th>
    <td><input name="apeido" type="text" maxlength="20" autocomplete="off"/></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['sex']?> :</th>
    <td>
    <select name="sexo">
		<option value='H' selected="selected"><?=$_P['man']?></option>
        <option value='M'><?=$_P['woman']?></option>
	</select>
    </td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['img']?> :</th>
    <td><input name="imagen" type="text" maxlength="1000" autocomplete="off"/></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['password']?> :</th>
    <td><input name="clave1" type="password" autocomplete="off" /></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['confirm']?> :</th>
    <td><input name="clave2" type="password" autocomplete="off"/></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['email']?> :</th>
    <td><input name="email" type="text" maxlength="50" autocomplete="off"/></td>
</tr>
<tr class="headers">
    <th  height="28"  style="text-align:right"><?=$_P['rank']?> :</th>
    <td>
    <select name="rango">
    <option value="0" selected="selected"><?=$_P['without']." ".$_P['rank']?></option>
		<?=$rankslist?>
	</select>
	</td>
</tr>
<tr class="headers">
    <td  height="28"  colspan="2" style="text-align:center"><input type="button" onclick="registrar();" name="enviar" value="<?=$_P['create']." ".$_P['user']?>" /></th>
</tr>
</form>
</table>
<?
}
}else if($accion=='eliminar'){
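// Delete one user by id.
// The success message used to be printed before the DELETE ran and regardless of
// its outcome; it is now printed only when consulta() reports success, with the
// generic error message otherwise (the same pattern the edit and create branches use).
// NOTE(review): this state-changing action is reached through a plain GET link.
// Its protection rests entirely on XSRF(), which is defined elsewhere -
// presumably an origin check; confirm, and prefer a POST carrying a per-session token.
if(XSRF("admin-wmb.php")){
	if(!empty($id)){
		// Look the row up first so a non-existent id does nothing.
		if($Usuario=$SQL->fila("SELECT id,usuario, nombre, apeido FROM wmb_usuarios WHERE id = ".$id." LIMIT 1")){
			if($SQL->consulta("DELETE FROM wmb_usuarios WHERE id = ".(int)$Usuario->id." LIMIT 1")){
				echo " <label class='titulo'>".$_P['ucorrect3']."<br /></label>";
			}else{
				echo "<label class='titulo'>$_P[uerror]<br /></label>";
			}
		}
	}
}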
}else{
	// LISTA DE USUARIOS
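// Build one table row per user (picture, login, edit/delete links, name, sex, rank).
// $userlist is initialised first so that appending does not start from an undefined
// variable, and the loop is skipped when the query returns nothing, matching the
// !empty() guard used for the rank lists elsewhere in this file.
// NOTE(review): imagen, usuario, nombre, apeido, label, fondo and color are placed
// into HTML text, attribute values and inline styles without htmlspecialchars();
// unless clean() already HTML-encodes on write, a stored value can inject markup
// into this admin page (stored XSS).
// NOTE(review): SELECT * over both tables yields two "id" columns; confirm that
// $usuario->id is the user id, since the edit and delete links are built from it.
$userlist='';
$Usuarios=$SQL->consulta("SELECT * FROM wmb_rangos RIGHT JOIN wmb_usuarios ON wmb_usuarios.cargo= wmb_rangos.id");
if(!empty($Usuarios)){
foreach($Usuarios as $usuario){
	   $userlist.="<tr style='background:#EEE'>
		<th align='center' onmousemove=\"document.getElementById('mnu_rangos_".$usuario->id."').style.display='block';\" onmouseout=\"document.getElementById('mnu_rangos_".$usuario->id."').style.display='none';\">
	<img src='$usuario->imagen' height='87' width='78' alt='$_P[RR_PIC]' /><br />
	<label>$usuario->usuario</label>
	<div id='mnu_rangos_".$usuario->id."' class='pag_opt'><a href='?modulo=usuarios&accion=editar&id=".$usuario->id."' class='link-blue'>Ver o Editar</a> | <a href='' class='link-red' onclick=\"if(confirm('De verdad desdea borrar a este usuario?')) document.location.replace('?modulo=usuarios&accion=eliminar&id=".$usuario->id."'); return false;\">Borrar</a>
	</th>
    <td class='center'><label>$usuario->nombre</label></td>
    <td class='center'><label>$usuario->apeido</label></td> 
     <td class='center'><label>".(($usuario->sexo=="M")?"$_P[woman]":"$_P[man]")."</label></td>
     <td class='center' style='background:#$usuario->fondo;color:#$usuario->color'><label>$usuario->label</label></td> 
  </tr>";
}
}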
// LISTA DE USUARIOS
?>
<label class='titulo'><?=$_P['admin_user']?><br /></label>
<div  class="marco_est" style="border:dashed 1px #000">
<img src="imagenes/agregarusuario.jpg" />
<a href="admin-wmb.php?modulo=usuarios&accion=agregar" class="link-n"><?=$_P['add']." ".$_P['user']?></a> | 
<img src="imagenes/editarrangos.jpg" />
<a href="" class="link-n"><?=$_P['edit']." ".$_P['ranks']?></a> |
<table width="410" border="0" cellpadding="0" cellspacing="0" class="tabla">
<tr class="headers">
    <th  height="28" width="73"><?=$_P['user']?></th>
    <th><?=$_P['name']?></th>
    <th><?=$_P['lastname']?></th>
    <th><?=$_P['sex']?></th>
    <th><?=$_P['rank']?></th> 
</tr>
<?=$userlist;?>
<tr class="headers">
    <th  height="28" width="73"><?=$_P['user']?></th>
    <th><?=$_P['name']?></th>
    <th><?=$_P['lastname']?></th>
    <th><?=$_P['sex']?></th>
    <th><?=$_P['rank']?></th> 
</tr>
</table>
<?
}
?>
</div>